文章目录
- openssl3.2 - exp - 选择最好的内建椭圆曲线
- 概述
- 笔记
- 将 openssl ecparam -list_curves 实现迁移到自己的demo工程
- 备注
- END
openssl3.2 - exp - 选择最好的内建椭圆曲线
概述
在openssl中使用椭圆曲线, 只允许选择椭圆曲线的名字, 无法给定椭圆曲线的位数.
估计每种椭圆曲线都有固定的位数(bit prime field)
openssl.exe有命令可以列出全部的椭圆曲线列表
openssl ecparam -list_curves
D:\my_tmp>openssl ecparam -list_curves
secp112r1 : SECG/WTLS curve over a 112 bit prime field
secp112r2 : SECG curve over a 112 bit prime field
secp128r1 : SECG curve over a 128 bit prime field
secp128r2 : SECG curve over a 128 bit prime field
secp160k1 : SECG curve over a 160 bit prime field
secp160r1 : SECG curve over a 160 bit prime field
secp160r2 : SECG/WTLS curve over a 160 bit prime field
secp192k1 : SECG curve over a 192 bit prime field
secp224k1 : SECG curve over a 224 bit prime field
secp224r1 : NIST/SECG curve over a 224 bit prime field
secp256k1 : SECG curve over a 256 bit prime field
secp384r1 : NIST/SECG curve over a 384 bit prime field
secp521r1 : NIST/SECG curve over a 521 bit prime field
prime192v1: NIST/X9.62/SECG curve over a 192 bit prime field
prime192v2: X9.62 curve over a 192 bit prime field
prime192v3: X9.62 curve over a 192 bit prime field
prime239v1: X9.62 curve over a 239 bit prime field
prime239v2: X9.62 curve over a 239 bit prime field
prime239v3: X9.62 curve over a 239 bit prime field
prime256v1: X9.62/SECG curve over a 256 bit prime field
sect113r1 : SECG curve over a 113 bit binary field
sect113r2 : SECG curve over a 113 bit binary field
sect131r1 : SECG/WTLS curve over a 131 bit binary field
sect131r2 : SECG curve over a 131 bit binary field
sect163k1 : NIST/SECG/WTLS curve over a 163 bit binary field
sect163r1 : SECG curve over a 163 bit binary field
sect163r2 : NIST/SECG curve over a 163 bit binary field
sect193r1 : SECG curve over a 193 bit binary field
sect193r2 : SECG curve over a 193 bit binary field
sect233k1 : NIST/SECG/WTLS curve over a 233 bit binary field
sect233r1 : NIST/SECG/WTLS curve over a 233 bit binary field
sect239k1 : SECG curve over a 239 bit binary field
sect283k1 : NIST/SECG curve over a 283 bit binary field
sect283r1 : NIST/SECG curve over a 283 bit binary field
sect409k1 : NIST/SECG curve over a 409 bit binary field
sect409r1 : NIST/SECG curve over a 409 bit binary field
sect571k1 : NIST/SECG curve over a 571 bit binary field
sect571r1 : NIST/SECG curve over a 571 bit binary field
c2pnb163v1: X9.62 curve over a 163 bit binary field
c2pnb163v2: X9.62 curve over a 163 bit binary field
c2pnb163v3: X9.62 curve over a 163 bit binary field
c2pnb176v1: X9.62 curve over a 176 bit binary field
c2tnb191v1: X9.62 curve over a 191 bit binary field
c2tnb191v2: X9.62 curve over a 191 bit binary field
c2tnb191v3: X9.62 curve over a 191 bit binary field
c2pnb208w1: X9.62 curve over a 208 bit binary field
c2tnb239v1: X9.62 curve over a 239 bit binary field
c2tnb239v2: X9.62 curve over a 239 bit binary field
c2tnb239v3: X9.62 curve over a 239 bit binary field
c2pnb272w1: X9.62 curve over a 272 bit binary field
c2pnb304w1: X9.62 curve over a 304 bit binary field
c2tnb359v1: X9.62 curve over a 359 bit binary field
c2pnb368w1: X9.62 curve over a 368 bit binary field
c2tnb431r1: X9.62 curve over a 431 bit binary field
wap-wsg-idm-ecid-wtls1: WTLS curve over a 113 bit binary field
wap-wsg-idm-ecid-wtls3: NIST/SECG/WTLS curve over a 163 bit binary field
wap-wsg-idm-ecid-wtls4: SECG curve over a 113 bit binary field
wap-wsg-idm-ecid-wtls5: X9.62 curve over a 163 bit binary field
wap-wsg-idm-ecid-wtls6: SECG/WTLS curve over a 112 bit prime field
wap-wsg-idm-ecid-wtls7: SECG/WTLS curve over a 160 bit prime field
wap-wsg-idm-ecid-wtls8: WTLS curve over a 112 bit prime field
wap-wsg-idm-ecid-wtls9: WTLS curve over a 160 bit prime field
wap-wsg-idm-ecid-wtls10: NIST/SECG/WTLS curve over a 233 bit binary field
wap-wsg-idm-ecid-wtls11: NIST/SECG/WTLS curve over a 233 bit binary field
wap-wsg-idm-ecid-wtls12: WTLS curve over a 224 bit prime field
Oakley-EC2N-3:
IPSec/IKE/Oakley curve #3 over a 155 bit binary field.
Not suitable for ECDSA.
Questionable extension field!
Oakley-EC2N-4:
IPSec/IKE/Oakley curve #4 over a 185 bit binary field.
Not suitable for ECDSA.
Questionable extension field!
brainpoolP160r1: RFC 5639 curve over a 160 bit prime field
brainpoolP160t1: RFC 5639 curve over a 160 bit prime field
brainpoolP192r1: RFC 5639 curve over a 192 bit prime field
brainpoolP192t1: RFC 5639 curve over a 192 bit prime field
brainpoolP224r1: RFC 5639 curve over a 224 bit prime field
brainpoolP224t1: RFC 5639 curve over a 224 bit prime field
brainpoolP256r1: RFC 5639 curve over a 256 bit prime field
brainpoolP256t1: RFC 5639 curve over a 256 bit prime field
brainpoolP320r1: RFC 5639 curve over a 320 bit prime field
brainpoolP320t1: RFC 5639 curve over a 320 bit prime field
brainpoolP384r1: RFC 5639 curve over a 384 bit prime field
brainpoolP384t1: RFC 5639 curve over a 384 bit prime field
brainpoolP512r1: RFC 5639 curve over a 512 bit prime field
brainpoolP512t1: RFC 5639 curve over a 512 bit prime field
SM2 : SM2 curve over a 256 bit prime field
比较每种椭圆曲线的质数域位数, 挑出最大的那个.
sect571k1 : NIST/SECG curve over a 571 bit binary field
sect571r1 : NIST/SECG curve over a 571 bit binary field
可知, 质数域位数最大的椭圆曲线有2个 : sect571k1 或者 sect571r1, 位数都是571位.
笔记
将 openssl ecparam -list_curves 实现迁移到自己的demo工程
想看看官方怎么实现的这个命令.
/*!
* \file exp017_ecparam_list_curves.cpp
* \note 看看openssl如何实现命令 openssl ecparam -list_curves
*/
#include "my_openSSL_lib.h"
#include <openssl/crypto.h>
#include <openssl/bio.h>
#include <openssl/ec.h>
#include <openssl/objects.h>
#include <stdlib.h>
#include <stdio.h>
#include <assert.h>
#include "CMemHookRec.h"
void my_openssl_app();
int list_builtin_curves(BIO* out);
int main(int argc, char** argv)
{
setvbuf(stdout, NULL, _IONBF, 0); // 清掉stdout缓存, 防止调用printf时阻塞
mem_hook();
my_openssl_app();
mem_unhook();
/*! run result
list_builtin_curves, cnt = 82
--------------------
secp112r1 : -20SECG/WTLS curve over a 112 bit prime field
secp112r2 : -20SECG curve over a 112 bit prime field
secp128r1 : -20SECG curve over a 128 bit prime field
secp128r2 : -20SECG curve over a 128 bit prime field
secp160k1 : -20SECG curve over a 160 bit prime field
secp160r1 : -20SECG curve over a 160 bit prime field
secp160r2 : -20SECG/WTLS curve over a 160 bit prime field
secp192k1 : -20SECG curve over a 192 bit prime field
secp224k1 : -20SECG curve over a 224 bit prime field
secp224r1 : -20NIST/SECG curve over a 224 bit prime field
secp256k1 : -20SECG curve over a 256 bit prime field
secp384r1 : -20NIST/SECG curve over a 384 bit prime field
secp521r1 : -20NIST/SECG curve over a 521 bit prime field
prime192v1 : -20NIST/X9.62/SECG curve over a 192 bit prime field
prime192v2 : -20X9.62 curve over a 192 bit prime field
prime192v3 : -20X9.62 curve over a 192 bit prime field
prime239v1 : -20X9.62 curve over a 239 bit prime field
prime239v2 : -20X9.62 curve over a 239 bit prime field
prime239v3 : -20X9.62 curve over a 239 bit prime field
prime256v1 : -20X9.62/SECG curve over a 256 bit prime field
sect113r1 : -20SECG curve over a 113 bit binary field
sect113r2 : -20SECG curve over a 113 bit binary field
sect131r1 : -20SECG/WTLS curve over a 131 bit binary field
sect131r2 : -20SECG curve over a 131 bit binary field
sect163k1 : -20NIST/SECG/WTLS curve over a 163 bit binary field
sect163r1 : -20SECG curve over a 163 bit binary field
sect163r2 : -20NIST/SECG curve over a 163 bit binary field
sect193r1 : -20SECG curve over a 193 bit binary field
sect193r2 : -20SECG curve over a 193 bit binary field
sect233k1 : -20NIST/SECG/WTLS curve over a 233 bit binary field
sect233r1 : -20NIST/SECG/WTLS curve over a 233 bit binary field
sect239k1 : -20SECG curve over a 239 bit binary field
sect283k1 : -20NIST/SECG curve over a 283 bit binary field
sect283r1 : -20NIST/SECG curve over a 283 bit binary field
sect409k1 : -20NIST/SECG curve over a 409 bit binary field
sect409r1 : -20NIST/SECG curve over a 409 bit binary field
sect571k1 : -20NIST/SECG curve over a 571 bit binary field // !!! best one
sect571r1 : -20NIST/SECG curve over a 571 bit binary field // !!! best one
c2pnb163v1 : -20X9.62 curve over a 163 bit binary field
c2pnb163v2 : -20X9.62 curve over a 163 bit binary field
c2pnb163v3 : -20X9.62 curve over a 163 bit binary field
c2pnb176v1 : -20X9.62 curve over a 176 bit binary field
c2tnb191v1 : -20X9.62 curve over a 191 bit binary field
c2tnb191v2 : -20X9.62 curve over a 191 bit binary field
c2tnb191v3 : -20X9.62 curve over a 191 bit binary field
c2pnb208w1 : -20X9.62 curve over a 208 bit binary field
c2tnb239v1 : -20X9.62 curve over a 239 bit binary field
c2tnb239v2 : -20X9.62 curve over a 239 bit binary field
c2tnb239v3 : -20X9.62 curve over a 239 bit binary field
c2pnb272w1 : -20X9.62 curve over a 272 bit binary field
c2pnb304w1 : -20X9.62 curve over a 304 bit binary field
c2tnb359v1 : -20X9.62 curve over a 359 bit binary field
c2pnb368w1 : -20X9.62 curve over a 368 bit binary field
c2tnb431r1 : -20X9.62 curve over a 431 bit binary field
wap-wsg-idm-ecid-wtls1: -20WTLS curve over a 113 bit binary field
wap-wsg-idm-ecid-wtls3: -20NIST/SECG/WTLS curve over a 163 bit binary field
wap-wsg-idm-ecid-wtls4: -20SECG curve over a 113 bit binary field
wap-wsg-idm-ecid-wtls5: -20X9.62 curve over a 163 bit binary field
wap-wsg-idm-ecid-wtls6: -20SECG/WTLS curve over a 112 bit prime field
wap-wsg-idm-ecid-wtls7: -20SECG/WTLS curve over a 160 bit prime field
wap-wsg-idm-ecid-wtls8: -20WTLS curve over a 112 bit prime field
wap-wsg-idm-ecid-wtls9: -20WTLS curve over a 160 bit prime field
wap-wsg-idm-ecid-wtls10: -20NIST/SECG/WTLS curve over a 233 bit binary field
wap-wsg-idm-ecid-wtls11: -20NIST/SECG/WTLS curve over a 233 bit binary field
wap-wsg-idm-ecid-wtls12: -20WTLS curve over a 224 bit prime field
Oakley-EC2N-3 : -20
IPSec/IKE/Oakley curve #3 over a 155 bit binary field.
Not suitable for ECDSA.
Questionable extension field!
Oakley-EC2N-4 : -20
IPSec/IKE/Oakley curve #4 over a 185 bit binary field.
Not suitable for ECDSA.
Questionable extension field!
brainpoolP160r1 : -20RFC 5639 curve over a 160 bit prime field
brainpoolP160t1 : -20RFC 5639 curve over a 160 bit prime field
brainpoolP192r1 : -20RFC 5639 curve over a 192 bit prime field
brainpoolP192t1 : -20RFC 5639 curve over a 192 bit prime field
brainpoolP224r1 : -20RFC 5639 curve over a 224 bit prime field
brainpoolP224t1 : -20RFC 5639 curve over a 224 bit prime field
brainpoolP256r1 : -20RFC 5639 curve over a 256 bit prime field
brainpoolP256t1 : -20RFC 5639 curve over a 256 bit prime field
brainpoolP320r1 : -20RFC 5639 curve over a 320 bit prime field
brainpoolP320t1 : -20RFC 5639 curve over a 320 bit prime field
brainpoolP384r1 : -20RFC 5639 curve over a 384 bit prime field
brainpoolP384t1 : -20RFC 5639 curve over a 384 bit prime field
brainpoolP512r1 : -20RFC 5639 curve over a 512 bit prime field
brainpoolP512t1 : -20RFC 5639 curve over a 512 bit prime field
SM2 : -20SM2 curve over a 256 bit prime field
--------------------
free map, g_mem_hook_map.size() = 0
*/
return 0;
}
void my_openssl_app()
{
BIO* bio_out = NULL;
do {
bio_out = BIO_new_fp(stdout, 0);
if (NULL == bio_out)
{
break;
}
list_builtin_curves(bio_out);
} while (false);
if (NULL != bio_out)
{
BIO_free(bio_out);
bio_out = NULL;
}
}
int list_builtin_curves(BIO* out)
{
int ret = 0;
EC_builtin_curve* curves = NULL;
size_t n, crv_len = EC_get_builtin_curves(NULL, 0);
BIO_printf(out, "list_builtin_curves, cnt = %d\n", crv_len);
curves = (EC_builtin_curve*)OPENSSL_malloc(sizeof(*curves) * crv_len);
if (!EC_get_builtin_curves(curves, crv_len))
{
BIO_printf(out, "err\n");
goto end;
}
BIO_printf(out, "--------------------\n");
for (n = 0; n < crv_len; n++) {
const char* comment = curves[n].comment;
const char* sname = OBJ_nid2sn(curves[n].nid);
if (comment == NULL)
comment = "CURVE DESCRIPTION NOT AVAILABLE";
if (sname == NULL)
sname = "";
BIO_printf(out, " %-20s: -20%s\n", sname, comment);
}
BIO_printf(out, "--------------------\n");
ret = 1;
end:
OPENSSL_free(curves);
return ret;
}
备注
从查到的资料看, ECC521就比普通的RSA位数强多了.
现在主流网站用的RSA证书位数都是4096(e.g. MS主站)
sect571k1, sect571r1的位数是571位, 强度应该更高吧.
